Michael Genkin Drag0nR3b0rn

dependencies:
- appmode
Drag0nR3b0rn / netgear-private-key-disclosure.md
Created January 20, 2020 16:35 — forked from nstarke/netgear-private-key-disclosure.md
Netgear TLS Private Key Disclosure through Device Firmware Images

Netgear Signed TLS Cert Private Key Disclosure

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.

Keybase proof

I hereby claim:

  • I am drag0nr3b0rn on github.
  • I am drag0nr3b0rn (https://keybase.io/drag0nr3b0rn) on keybase.
  • I have a public key whose fingerprint is 3A40 11FE 7E0E 9AFC BE72 168D D1A4 E8A3 B43B 2520

To claim this, I am signing this object: